Future plans for EU-wide digital identity framework
Executive summary
The EU has enacted a revamped European Digital Identity Framework (often called eIDAS 2.0 or the EUDI Regulation) that requires Member States to offer certified digital “wallets” to citizens and businesses and sets common technical standards and implementing rules; the regulation entered into force in May 2024 and implementing rules and toolboxes have been published since, with Member States and pilots moving into operational phases through 2025 [1] [2] [3]. The Commission and projects such as TrustED report pilot rollouts, an Architecture and Reference Framework and multiple implementing regulations guiding wallet certification, protocols and interfaces — and Member States must make at least one wallet available by end-2026 under the framework’s timetable outlined in EU briefings and events [3] [4] [5].
1. What Brussels has mandated: a single legal and technical framework
The European Digital Identity Framework (eIDAS 2.0 / EUDI Regulation) updates the 2014 eIDAS rules and explicitly mandates that Member States provide digital wallets which can hold national eIDs and attestations (driving licences, diplomas, bank links) and that those wallets follow a harmonised Architecture and Reference Framework and technical standards to ensure cross‑border acceptance [2] [5]. The Commission’s public pages and implementing acts spell out certification, protocols, interfaces and notification rules for issuers, wallets and service providers — turning the idea of a wallet into concrete regulatory obligations and technical specifications [5] [3].
2. Timetable and rollout: from pilots to mandatory national offers
Large-scale pilots began in 2023 and, according to Commission briefings and event listings, a second pilot phase and operational testing were planned for 2025; Member States are expected to provide at least one EUDI Wallet to citizens and residents by the December 2026 target referenced in outreach materials for local and regional administrations [6] [4]. The Commission site also documents that several implementing regulations were adopted (and the common ARF updated) as the legal and technical building blocks moved into implementation in 2024–2025 [3] [5].
3. Who builds, who issues: public authorities and recognised private providers
The regulation allows wallets to be issued by public authorities or recognised private entities, but requires Member State recognition and compliance with certification rules and common standards; the stated policy aim is to give Europeans “full control” over their data while enabling private‑sector use cases under the same trust framework [2] [7]. The GitHub repositories maintained for the EUDI Wallet programme show active developer materials, a reference implementation and the Toolbox that Member States’ experts are to use when implementing the ARF [7].
4. Pilots and consortia: TrustED and industry signals
Research and industry consortia such as TrustED report transitions from design to operational pilots in 2025 that involve real users, selective disclosure mechanisms and federated privacy techniques — signalling an emphasis on privacy‑preserving features in pilot implementations [8]. Commercial firms are positioning for market demand (for example, Hopae expanding in Europe and earmarking funds), which indicates private‑sector engagement and competitive offers to help Member States or private issuers implement wallets [9].
5. Practical scope and everyday use cases promised
The EUDI Wallet is designed to store verified attributes and documents — national eIDs, driving licences, diplomas, health attestations, even business credentials — to enable cross‑border and cross‑sector transactions with legal effect similar to physical documents according to Commission materials [2] [4]. Commission communications frame this as an enabler of digital public services, banking, contracts and reduced unnecessary data sharing between parties [2].
6. Questions, risks and political economy to watch
Public-facing commentaries and independent observers flag concerns about linkage, control and risks as the system expands — privacy trade‑offs, concentration of verification power, and how optional private‑sector issuance will operate in practice are all live issues in the debate [1]. The regulatory texts set guardrails — certification, protocols, selective disclosure — but real‑world outcomes will depend on how Member States implement recognition rules and how private providers are accredited [5] [7].
7. What is left uncertain in current reporting
Available sources do not mention granular enforcement cases, a definitive EU‑wide budget for rollout, detailed national deployment schedules for every Member State, or final consumer uptake numbers beyond broad population estimates cited in commentary (sources provided do not contain that level of country‑by‑country rollout detail) — those specifics are not found in current reporting from the documents supplied [10] [11]. Monitoring will require following national rollouts, pilot results and the Commission’s implementing updates.
8. How to follow the programme and evaluate impact
Watch the Commission’s EUDI Wallet pages and the GitHub reference repositories for technical changes and ARF updates, follow pilot consortium press releases (e.g., TrustED) for operational lessons, and track implementing regulations and certification guidance that the Commission publishes — these are the primary sources that will reveal whether the promise of cross‑border, privacy‑preserving wallets translates into interoperable services by the December 2026 timeline referenced in EU outreach [3] [7] [4].